Amendments to the Claims: 

This listing of claims will replace all prior versions and listings of claims in the 
application: 



Listing of Claims: 

1 . (currently amended) A method for providing session protection for user privacy over a 
network, by means including at least a client and a remote server, wherein a user, using a 
client application, may submit a request through said client for a specified action to be 
performed in response to said request by said remote server, said user-submitted request 
comprising identity information that identifies the user making the request, and action 
information that specifies the action requested from said remote server by said user, wherein 
said communications are provided in a secure and anonymous manner in that said action 
information is submitted to said remote server without revealing said identity information to 
said remote server, and in that only said client, and not any facility through which said action 
information or any response thereto passes in the course of being submitted to or received 
from said remote server, possesses both said identity information and said action 
information, said system comprising (in addition to said client and remote server): 

(a) separating, within said client application, said identity information and said action 
information from the user's information request, encrypting said action information, and 
sending said identity information and said action information as so encrypted to an 
identity server; 

(b) transmitting said encrypted action information from said identity server to an action 
server; 

(c) decrypting, within said action server, said action information, transmitting said decrypted 
action information to said remote server, receiving the remote server's response, 
encrypting said remote server response, and transmitting said encrypted remote server 
response to said identity server; 

(d) receiving, within said identity server said encrypted remote server response from said 
action server, associating said encrypted remote server response with said identity 
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information and sending said encrypted remote server response to said client application; 
and 

(e) decrypting, within said client application, said remote server response and forwarding 
said decrypted remote server response to said client for presentation to said user. 

2. (previously withdrawn without prejudice) 

3 . (previously withdrawn without prejudice) 

4. (previously withdrawn without prejudice) 

5 . (previously withdrawn without prejudice) 

6. (previously withdrawn without prejudice) 

7. (previously withdrawn without prejudice) 

8 . (previously withdrawn without prej udice) 

9. (previously withdrawn without prejudice) 

10. (currently withdrawn without prejudice) 

1 1 . (previously amended) The method of claim 1 wherein said identity server and said action 
server are implemented as processes or threads which may execute on the same or different 
computers. 

12. (currently amended) The method of claim 1 -K) carried out in a distributed operating 
environment in which there are a plurality of users, a plurality of identity servers and a 
plurality of action servers, all communicating in accordance with the method of claim 1 . 

13. (currently withdrawn without prejudice) 
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